Client Login
Username:
Password:
 Quick Contact
Name:
Phone:
Email:
DOS endangering Mobile Data Networks
Category : Managed Services 10 Jun 2009 09:39 AM
Don't panic! It's not the dreaded MS-DOS that's rearing its head again to wreak havoc on mobile data networks but Denial of Service attacks. Bell Labs have revealed an inherent vulnerability in mobile IP’s that can allow relatively simple cyber attacks to be launched, which then prove incredibly difficult to locate, counter-act and produce a future prevention routine.
Exposed by Krishan Sabnani, Networking Research Vice-President at Bell Labs, last week during the Cyber Infrastructure Protection Conference in New York he explained how a mobile Denial of Service attack could be easily distributed by using an inundation assault method - forcing a repetitive loop of setup and release connections, inundating the IP address with requests; and is thus capable of at least disrupting if not jeopardizing mobile data network security. As such the hack will work in the same way as the SYN Flood attacks, which everyone is familiar with on wired internet connections.
The common method for these mobile Denial of Service attacks is straightforward enough. All that is required is some code that will oversupply the targeted system/network with communications requests from outside, making it impossible to process real information traffic - rendering the website so slow as it might as well be inaccessible. However, in constantly trying to access the website from a mobile device, the mobile devices battery will then drain more rapidly, leaving open another route for an attack on the mobile user’s data by not allowing the mobile device to access the dormant/sleep mode.
Krishan went on to explain the three main scenarios for attacks on mobile data networks that they have worked on so far. First, by preventing the mobile device from entering the ‘sleep’ mode through the delivery of packets. Secondly, overloading radio network controllers by constantly releasing and re-establishing connections for ISP subscribers; and thirdly, simply using malware to infect devices so that they repeatedly scan ports.
Bell Labs are still engineering solutions to the problems of mobile data network Denial of Service attacks as outlined above by Krishan. Meaning that meanwhile, we must all ensure we have the best possible systems in place to take the utmost care in monitoring our mobile data networks that have components with finite battery life's, especially if they have a limited bandwidth.